Security Basics mailing list archives
Re: SSL certificate pass phase in apache
From: Björn Bergstrand <bjorn () favoptic com>
Date: Fri, 23 Feb 2007 17:29:09 +0100
I dont know about normaly, but if you have a password protected private key you need to have somebody around to punch the passphrase in when the webserver restarts
Hi all I know that I can remove password of my private key using this command: openssl rsa -in foo_key.pem -out foo_keyclear.pem But,I don't like this,because I should save private key without any protection on server,and if sombody access this file,he can easily generate a dummy "valid certificate" from same Issuer. Is this the way that normally used on servers for thier SSL? They won't use: SSLPassPhaseDialog exec:cert/passgenerator for sending pass to apache and then protect that pass generator? Regards --------------------------------------------------------------------------- This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ ---------------------------------------------------------------------------
--------------------------------------------------------------------------- This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ ---------------------------------------------------------------------------
Current thread:
- SSL certificate pass phase in apache Afshin_pir (Feb 21)
- Re: SSL certificate pass phase in apache Nick Baronian (Feb 22)
- Re: SSL certificate pass phase in apache Saqib Ali (Feb 22)
- <Possible follow-ups>
- Re: SSL certificate pass phase in apache afshin_pir (Feb 22)
- Re: SSL certificate pass phase in apache Björn Bergstrand (Feb 23)
- Re: SSL certificate pass phase in apache Björn Bergstrand (Feb 23)
- language for general risk analysis Ken Kousky (Feb 26)
- Re: SSL certificate pass phase in apache Lars (Feb 26)